ADMIN_NO_SRP_AUTH: Non-SRP authentication flow; you can pass in the
USERNAME and PASSWORD directly if the flow is enabled for calling the
app client.

USER_PASSWORD_AUTH: Non-SRP authentication flow; USERNAME and
PASSWORD are passed directly. If a user migration Lambda trigger is
set, this flow will invoke the user migration Lambda if the USERNAME
is not found in the user pool.

Possible values:

USER_SRP_AUTH

REFRESH_TOKEN_AUTH

REFRESH_TOKEN

CUSTOM_AUTH

ADMIN_NO_SRP_AUTH

USER_PASSWORD_AUTH

Returns:

(String)
—

The authentication flow for this call to execute.

#auth_parameters ⇒ Hash<String,String>

The authentication parameters. These are inputs corresponding to the
AuthFlow that you are invoking. The required values depend on the
value of AuthFlow:

For USER_SRP_AUTH: USERNAME (required), SRP_A (required),
SECRET_HASH (required if the app client is configured with a client
secret), DEVICE_KEY

For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN (required),
SECRET_HASH (required if the app client is configured with a client
secret), DEVICE_KEY

#client_id ⇒ String

The app client ID.

Returns:

(String)
—

The app client ID.

#client_metadata ⇒ Hash<String,String>

This is a random key-value pair map which can contain any key and will
be passed to your PreAuthentication Lambda trigger as-is. It can be used
to implement additional validations around authentication.

Returns:

(Hash<String,String>)
—

This is a random key-value pair map which can contain any key and will be passed to your PreAuthentication Lambda trigger as-is.